--- /dev/null
+From 2dedd7d2165565bafa89718eaadfc5d1a7865f66 Mon Sep 17 00:00:00 2001
+From: Andrii Nakryiko <andriin@fb.com>
+Date: Fri, 11 Oct 2019 10:20:53 -0700
+Subject: bpf: Fix cast to pointer from integer of different size warning
+
+From: Andrii Nakryiko <andriin@fb.com>
+
+commit 2dedd7d2165565bafa89718eaadfc5d1a7865f66 upstream.
+
+Fix "warning: cast to pointer from integer of different size" when
+casting u64 addr to void *.
+
+Fixes: a23740ec43ba ("bpf: Track contents of read-only maps as scalars")
+Reported-by: kbuild test robot <lkp@intel.com>
+Signed-off-by: Andrii Nakryiko <andriin@fb.com>
+Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
+Acked-by: Martin KaFai Lau <kafai@fb.com>
+Link: https://lore.kernel.org/bpf/20191011172053.2980619-1-andriin@fb.com
+Cc: Rafael David Tinoco <rafaeldtinoco@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ kernel/bpf/verifier.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/kernel/bpf/verifier.c
++++ b/kernel/bpf/verifier.c
+@@ -2792,7 +2792,7 @@ static int bpf_map_direct_read(struct bp
+ err = map->ops->map_direct_value_addr(map, &addr, off);
+ if (err)
+ return err;
+- ptr = (void *)addr + off;
++ ptr = (void *)(long)addr + off;
+
+ switch (size) {
+ case sizeof(u8):
--- /dev/null
+From a23740ec43ba022dbfd139d0fe3eff193216272b Mon Sep 17 00:00:00 2001
+From: Andrii Nakryiko <andriin@fb.com>
+Date: Wed, 9 Oct 2019 13:14:57 -0700
+Subject: bpf: Track contents of read-only maps as scalars
+
+From: Andrii Nakryiko <andriin@fb.com>
+
+commit a23740ec43ba022dbfd139d0fe3eff193216272b upstream.
+
+Maps that are read-only both from BPF program side and user space side
+have their contents constant, so verifier can track referenced values
+precisely and use that knowledge for dead code elimination, branch
+pruning, etc. This patch teaches BPF verifier how to do this.
+
+Signed-off-by: Andrii Nakryiko <andriin@fb.com>
+Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
+Link: https://lore.kernel.org/bpf/20191009201458.2679171-2-andriin@fb.com
+Signed-off-by: Rafael David Tinoco <rafaeldtinoco@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ kernel/bpf/verifier.c | 57 ++++++++++++++++++++++++++++++++++++++++++++++++--
+ 1 file changed, 55 insertions(+), 2 deletions(-)
+
+--- a/kernel/bpf/verifier.c
++++ b/kernel/bpf/verifier.c
+@@ -2778,6 +2778,41 @@ static void coerce_reg_to_size(struct bp
+ reg->smax_value = reg->umax_value;
+ }
+
++static bool bpf_map_is_rdonly(const struct bpf_map *map)
++{
++ return (map->map_flags & BPF_F_RDONLY_PROG) && map->frozen;
++}
++
++static int bpf_map_direct_read(struct bpf_map *map, int off, int size, u64 *val)
++{
++ void *ptr;
++ u64 addr;
++ int err;
++
++ err = map->ops->map_direct_value_addr(map, &addr, off);
++ if (err)
++ return err;
++ ptr = (void *)addr + off;
++
++ switch (size) {
++ case sizeof(u8):
++ *val = (u64)*(u8 *)ptr;
++ break;
++ case sizeof(u16):
++ *val = (u64)*(u16 *)ptr;
++ break;
++ case sizeof(u32):
++ *val = (u64)*(u32 *)ptr;
++ break;
++ case sizeof(u64):
++ *val = *(u64 *)ptr;
++ break;
++ default:
++ return -EINVAL;
++ }
++ return 0;
++}
++
+ /* check whether memory at (regno + off) is accessible for t = (read | write)
+ * if t==write, value_regno is a register which value is stored into memory
+ * if t==read, value_regno is a register which will receive the value from memory
+@@ -2815,9 +2850,27 @@ static int check_mem_access(struct bpf_v
+ if (err)
+ return err;
+ err = check_map_access(env, regno, off, size, false);
+- if (!err && t == BPF_READ && value_regno >= 0)
+- mark_reg_unknown(env, regs, value_regno);
++ if (!err && t == BPF_READ && value_regno >= 0) {
++ struct bpf_map *map = reg->map_ptr;
+
++ /* if map is read-only, track its contents as scalars */
++ if (tnum_is_const(reg->var_off) &&
++ bpf_map_is_rdonly(map) &&
++ map->ops->map_direct_value_addr) {
++ int map_off = off + reg->var_off.value;
++ u64 val = 0;
++
++ err = bpf_map_direct_read(map, map_off, size,
++ &val);
++ if (err)
++ return err;
++
++ regs[value_regno].type = SCALAR_VALUE;
++ __mark_reg_known(®s[value_regno], val);
++ } else {
++ mark_reg_unknown(env, regs, value_regno);
++ }
++ }
+ } else if (reg->type == PTR_TO_CTX) {
+ enum bpf_reg_type reg_type = SCALAR_VALUE;
+
--- /dev/null
+From 2287a51ba822384834dafc1c798453375d1107c7 Mon Sep 17 00:00:00 2001
+From: Linus Torvalds <torvalds@linux-foundation.org>
+Date: Mon, 30 Aug 2021 08:55:18 -0700
+Subject: vt_kdsetmode: extend console locking
+
+From: Linus Torvalds <torvalds@linux-foundation.org>
+
+commit 2287a51ba822384834dafc1c798453375d1107c7 upstream.
+
+As per the long-suffering comment.
+
+Reported-by: Minh Yuan <yuanmingbuaa@gmail.com>
+Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: Jiri Slaby <jirislaby@kernel.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/tty/vt/vt_ioctl.c | 11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+
+--- a/drivers/tty/vt/vt_ioctl.c
++++ b/drivers/tty/vt/vt_ioctl.c
+@@ -484,16 +484,19 @@ int vt_ioctl(struct tty_struct *tty,
+ ret = -EINVAL;
+ goto out;
+ }
+- /* FIXME: this needs the console lock extending */
+- if (vc->vc_mode == (unsigned char) arg)
++ console_lock();
++ if (vc->vc_mode == (unsigned char) arg) {
++ console_unlock();
+ break;
++ }
+ vc->vc_mode = (unsigned char) arg;
+- if (console != fg_console)
++ if (console != fg_console) {
++ console_unlock();
+ break;
++ }
+ /*
+ * explicitly blank/unblank the screen if switching modes
+ */
+- console_lock();
+ if (arg == KD_TEXT)
+ do_unblank_screen(1);
+ else
projects / thirdparty / kernel / stable-queue.git / commitdiff
